<?php
/*********************************************************************************
* Filename: retrieve_password.php
* 
* A page that does stuff
*
* Author: Caleb Goff
* Date Created: 10/12/2009
**********************************************************************************/

//The common.php file contains 
include_once "common.php";

echo "$header_open";
echo "$css_create";
echo "$js_password";
echo "$header_close";

?>

<body>

<!-- Define popup divs. -->
<div id="popupBadEmailTeam" style="border:2px solid black; background-color:#C0C0C0; padding:5px; font-size:150%; text-align:center; display:none;">
	<b><u>Alert!</b></u><br><br>
	No team is registered with that email in the league provided!<br><br>	
	<input type="button" value="OK" onClick="Popup.hide('popupBadEmailTeam')">
</div>

<div id="popupBadTeam" style="border:2px solid black; background-color:#C0C0C0; padding:5px; font-size:150%; text-align:center; display:none;">
	<b><u>Alert!</b></u><br><br>
	No team could be found!<br><br>	
	<input type="button" value="OK" onClick="Popup.hide('popupBadTeam')">
</div>

<div id="popupBadAnswer" style="border:2px solid black; background-color:#C0C0C0; padding:5px; font-size:150%; text-align:center; display:none;">
	<b><u>Alert!</b></u><br><br>
	Incorrect answer provided!<br><br>	
	<input type="button" value="OK" onClick="Popup.hide('popupBadAnswer')">
</div>

<div id="popupEmailSuccess" style="border:2px solid black; background-color:#C0C0C0; padding:5px; font-size:150%; text-align:center; display:none;">
	<b><u>Alert!</b></u><br><br>
	Email sent!<br><br>	
	<input type="button" value="OK" onClick="Popup.hide('popupEmailSuccess')">
</div>

<div id="popupResetSuccess" style="border:2px solid black; background-color:#C0C0C0; padding:5px; font-size:150%; text-align:center; display:none;">
	<b><u>Alert!</b></u><br><br>
	Password successfully reset!<br><br>	
	<input type="button" value="OK" onClick="Popup.hide('popupResetSuccess')">
</div>
<!-- End Define popup divs. -->


<div id="wrapper">
	<div id="inner">
		<div id="masthead">
			<h1>
			</h1>
			<ul>
				<?php 
					echo"$g_nav_bar";
				?>
			</ul>
		</div>

	    	<div id="all_content">
			<h2>
				Retrieve Password
			</h2>
            <?php
                $mode = $_GET['mode'];

                if ($mode == "verify")
                {
                    echo "If you can't remember you team password, please input your email address so we can begin resetting it.<br><br>";
                    echo '<div id="info_box">
				            <table>
					            <tr>
						            <td><b>League:</b></td>
						            <td>
								            <select class="selectElem" id="league_id">
									            <option value="NULL">Select League</option>';
									            
										            //Populate the valid leagues
										            $query    = "SELECT * FROM LEAGUES";
										            $l_ids    = array();
										            $l_names  = array();
										            $results  = do_query($query, $g_db_name, $g_username);

                                                    // Loop to store all of the league names and ids from the database
										            while ($row = mysql_fetch_assoc($results)){
											            $id   = $row['LEAGUE_ID'];
											            $name = $row['LEAGUE_NAME'];
											            echo "<option value='{$id}'>{$name}</option>";
										            }
									            
                    echo '
								            </select>
						            </td>
					            <tr>
						            <td><b>Email Address:</td>
						            <td><input id="email_add" class="resets" maxlength="64" size="30"/></td>
					            </tr>
					            <tr>
						            <td><input type="button" id="submit" value="Reset Password" onclick="verifyEmail();" /></td>
						            <td><input type="hidden" id="team_verify" value="empty"></td>
					            </tr>
				            </table>
			            </div>';
                }

                if ($mode == "question")
                {
                    echo "Please answer the security question you gave at registration in order to reset your password.<br><br>";
                    echo '<div id="info_box">
				            <table>
					            <tr>
						            <td><b>Question:</b></td>
						            <td>';
									            
                                    $key = $_GET['key'];
				
		                            $query = "SELECT LEAGUE_ID, OWNER_EMAIL, TEAM_ID, TEAM_NAME, QUESTION, ANSWER
			                              FROM TEAMS";

		                            $results = do_query($query, $g_db_name, $g_username);

                                    while($row = mysql_fetch_array($results)){
			                            $league_id = $row['LEAGUE_ID'];
                                        $email     = $row['OWNER_EMAIL'];
                                        $temp = md5($league_id . $email);
                                           
                                        if ($temp == $key)  
                                        {
                                            $cur_league = $row['LEAGUE_ID'];
                                            $team_id   = $row['TEAM_ID'];
                                            $team_name = $row['TEAM_NAME'];
                                            $question  = $row['QUESTION'];
                                            echo $question;
                                        }
                                    }
									            
                    echo "
						            </td>
					            <tr>
						            <td><b>Answer:</td>
						            <td>
                                        <input id='q_answer' class='reset' maxlength='255' size='30'/>
                                        <input type='hidden' id='key_verify' value='$key'>
                                    </td>
					            </tr>";
                    echo "
					            <tr>
						            <td><input type='button' id='submit' value='Verify' onclick='verifyQuestion($team_id,$cur_league);' /></td>
						            <td></td>
					            </tr>
				            </table>
			            </div>";
                }

                if ($mode == "reset")
                {
                    $key = $_GET['key'];
                    $answer_hash = $_GET['answer'];
                    $sec_mode = 1;

                    $query = "SELECT LEAGUE_ID, OWNER_EMAIL, TEAM_ID, TEAM_NAME, QUESTION, ANSWER
                          FROM TEAMS";

                    $results = do_query($query, $g_db_name, $g_username);

                    while($row = mysql_fetch_array($results)){
                        $league_id = $row['LEAGUE_ID'];
                        $email     = $row['OWNER_EMAIL'];
                        $temp = md5($league_id . $email);
                           
                        if ($temp == $key)  
                        {
                            $cur_league = $row['LEAGUE_ID'];
                            $team_id   = $row['TEAM_ID'];
                            $team_name = $row['TEAM_NAME'];
                            $answer    = $row['ANSWER'];
                            $hash      = md5($answer);
                            if ($hash == $answer_hash)
                            {
                                $sec_mode = 1;
                            } else {
                                $sec_mode = 2;
                            }  
                        }
                    }
        
                    if ($sec_mode == 1)
                    {
                        echo "Please reset your password below:<br><br>";
                        echo '<div id="info_box">
				                <table>
					                <tr>
						                <td><b>New Password:</b></td>
						                <td><input type="password" id="password" class="reset" maxlength="16" size="30"/></td>
					                <tr>
						                <td><b>Confirm Password:</td>
						                <td><input type="password" id="password_confirm" class="reset" maxlength="16" size="30"/></td>
					                </tr>';
                        echo "
					                <tr>
						                <td><input type='button' id='submit' value='Reset Password' onclick='verifyReset($team_id,$cur_league);' /></td>
						                <td></td>
					                </tr>
				                </table>
			                </div>";
                    } else {
                        echo "Invalid information provided. Please <a href='index.php'>visit the homepage</a>.";
                    }
                }
            ?>
		</div>

		<h2></h2>

		<div id="footer">
			<?php echo "$footer"; ?>
		</div>

	</div>    

</div>
</body>
</html>
